nhsuk / nhsuk-service-manual-community-backlog

This is a place for digital teams in the NHS to work together and develop the NHS digital service manual.
https://service-manual.nhs.uk/community-and-contribution

NHS login #431

Open georginaplatt opened 2 years ago

georginaplatt commented 2 years ago

What

You must use NHS login if you're building products and services and need to digitally authenticate members of the public logging into them.

What is NHS login?

NHS login gives members of the public a simple, secure and reusable way to access multiple digital health and care services with one set of login details.

Why

The System Design Authority (SDA) approves inclusion of common tools in the service manual. It has approved NHS login.

For a technology or tool to be added to section 11 of the NHS digital service standard it must:

- have a clear onboarding process for integration into a product or service
- be well documented, including support information for developers and users
- have a transparent and robust assurance process
- support national standards

Anything else

We're very interested in hearing what you think about the standards and technology section of the service manual and how it might, or might not, help you develop digital services in health.

andrew-nhsbt commented 2 years ago

"You must use NHS login if you're building products and services and need to digitally authenticate members of the public logging into them."

I see two challenges with that:

Firstly, is NHS-login truly for "Members of the Public" or is it for "Patients"? In NHS Blood and Transplant we have blood donors who are not necessarily patients of an NHS England service. These could be visitors to England from the home nations or abroad, or migrants who have not yet qualified for NHS service provision. They all fit the definition of "Members of the Public", but they are not patients of NHS England so may not be able to achieve medium-, and certainly not high-level proof of identity.

Secondly, some NHS services have a UK-wide geographic scope rather than England only. For example, the Organ Donor register is maintained by NHSBT but takes registrations from candidate donors, and is accessed by organ retrieval staff across the UK. I don't think we can mandate use of the NHS Log-in for service users, for example, in Scotland or Northern Ireland, and we certainly can't do anything that would limit our service offering to them vs English donors.

There are 3 NHS services currently using the NHS Login, none of them have a UK-wide scope: